On Wed, Jul 25, 2012 at 1:50 AM, David R <rewt@linux-elite.org> wrote:

I wondered how i could for example:

Whitelist the "param" argument for the url /prout.php on the vhost www.host.com
from 950901 rule id.

The maximum that i am able to do is:

SecRule REQUEST_HEADERS:Host "www.host.com$"

How could i include the REQUEST_URI "^/prout\.php" to that request ?

Hi David,

The ruleRemoveById just takes a rule id as a parameter, the SecRuleUpdateTargetById directive lets you white list certain parameters for a given rule. While you can chain rules together to add the REQUEST_URI parameter condition, you can also use Apache Location directives as well, e.g.:

SecRule REQUEST_HEADERS:Host "www.host.com" "phase:1,t:none, \
  SecRule REQUEST_URI "^/prout\.php"


<Location /prout.php>
  SecRule REQUEST_HEADERS:Host "www.host.com" "phase:1,t:none, \

 - Josh